kmp: Update specs to reflect paused work#1842
Merged
transphorm merged 11 commits intodevfrom Mar 11, 2026
Merged
Conversation
Contributor
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (6)
📝 WalkthroughWalkthroughThis PR rehomes multiple SDK workstreams into a new Changes
Sequence Diagram(s)sequenceDiagram
participant Host as Host Surface
participant WV as WebView UI
participant Core as SDK Core
participant Provider as KYC Provider
participant Config as SelfClient Config
Host->>WV: Initialize with SdkInitialConfig (verificationRequest, env, platform, debug)
WV->>Core: call useSelfClient(config)
Core->>Config: read platform & debug fields
WV->>Provider: launch capture per KYC Provider Contract (userId, scope, disclosures, selfApp)
Provider->>WV: return normalized KYC result (MRZ/liveness)
WV->>Core: submit proof result
Core->>Host: emit VERIFICATION_COMPLETE event
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes Possibly related PRs
Suggested labels
Poem
🚥 Pre-merge checks | ✅ 1 | ❌ 2❌ Failed checks (2 warnings)
✅ Passed checks (1 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
💡 Codex Reviewself/.github/workflows/webview-bridge-ci.yml Lines 39 to 40 in 0745600  Build mobile-sdk-alpha before running webview-bridge tests
self/.github/workflows/webview-app-ci.yml Lines 29 to 30 in 0745600  Include mobile-sdk-alpha paths in webview CI triggers
These webview workflows now explicitly depend on building ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Note
Due to the large number of review comments, Critical severity comments were prioritized as inline comments.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
specs/archive/SPECS-REORG-PLAN.md (1)
45-50:⚠️ Potential issue | 🟠 MajorTarget structure conflicts with migration map.
The target structure shows
native-shells/,integrations/, andrn-sdk/underworkstreams/, but the migration map (lines 102-103, 105) now redirects these topaused/. Update the target structure to include apaused/subdirectory and move the three paused workstreams there for consistency.🔧 Suggested structure correction
workstreams/ webview/ - native-shells/ - integrations/ sdk-core/ + paused/ + native-shells/ + integrations/ rn-sdk/🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/archive/SPECS-REORG-PLAN.md` around lines 45 - 50, Update the target structure under workstreams to match the migration map by adding a paused/ subdirectory and moving the three paused workstreams into it: replace entries native-shells/, integrations/, and rn-sdk/ under workstreams/ with a paused/ folder that contains native-shells/, integrations/, and rn-sdk/ so the directory list and the migration map are consistent.
🟠 Major comments (21)
specs/projects/sdk/workstreams/sdk-core/plans/SC-01-fallback-adapter-dedup.md-3-4 (1)
3-4:⚠️ Potential issue | 🟠 MajorHold the
Donestatus until this plan has real traceability and validation evidence.This now reads as fully completed, but the same file still leaves
Branch/PRasTBDand does not include any concrete evidence for the claimed “repo validation” pass. That makes the completion signal unreliable for anyone using this plan to track rollout status. Either attach the actual PR/branch and validation results, or keep the plan in a non-final state until that evidence exists.As per coding guidelines, "
**/*.md: In docs and reviews, use signal over praise. Remove feel-good text that doesn't change decisions. Keep only actionable content: concrete issues, risks, decisions, owners, next steps, and validation evidence".Also applies to: 59-61, 66-67
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/sdk-core/plans/SC-01-fallback-adapter-dedup.md` around lines 3 - 4, Update the plan so it isn't marked "Done" until you attach concrete traceability and validation evidence: replace the TBD placeholders for "Branch"/"PR" with the actual branch name and PR link and include the repo validation results (logs, checklist or test-summary) referenced in the "repo validation" section; if that evidence is not yet available, change the "Status" field from "Done" to a non-final state (e.g., "In progress" or "Pending validation") and add a short "Next steps / owner / expected date" entry. Also remove any feel-good or non-actionable text per the docs guideline and apply the same fixes to the other referenced sections (the blocks around lines 59-61 and 66-67) so all validation and traceability fields are either populated or marked pending with owners.specs/ARCHIVE.md-15-15 (1)
15-15:⚠️ Potential issue | 🟠 MajorDon’t archive this row while the final PR is still pending.
This entry says the spec was retired on
2026-03-06, butFinal PR(s)still containsPR#2(pending). That freezes an incomplete state into the archive and makes the retirement record unreliable. Either wait until the pending PR lands, or keep the spec out ofARCHIVE.mduntil the final delivery reference is known.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/ARCHIVE.md` at line 15, The ARCHIVE entry for `specs/projects/sdk/paused/rn-sdk/SPEC-MRZ-CONSOLIDATION.md` was marked retired on 2026-03-06 while its Final PR list still contains `PR `#2` (pending)`—remove or defer archiving until the pending PR is merged; either delete the row for `SPEC-MRZ-CONSOLIDATION.md` from ARCHIVE.md or update the Final PRs to only reference merged PRs (e.g., keep `PR `#1817`` only) and add the archive row back once `PR `#2`` is no longer pending.specs/ARCHIVE.md-11-11 (1)
11-11:⚠️ Potential issue | 🟠 MajorReplace the wildcard with concrete retired spec entries.
specs/projects/kmp/*makes the archive non-auditable: readers cannot tell which exact specs were retired or verify that references were updated. Please archive either the concrete files or a concrete parent doc such as the destinationINDEX.md/OVERVIEW.md, not a glob.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/ARCHIVE.md` at line 11, The archive entry using the glob `specs/projects/kmp/*` in ARCHIVE.md is non-auditable; update that line to list the specific retired spec filenames (e.g., `specs/projects/kmp/README.md`, `specs/projects/kmp/PROPOSAL.md`, etc.) or replace the glob with the concrete parent document such as `specs/projects/kmp/INDEX.md` or `specs/projects/kmp/OVERVIEW.md` so readers can verify exactly which files were archived and confirm references were updated; ensure the updated entry preserves the original date and rationale columns.specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md-4-4 (1)
4-4:⚠️ Potential issue | 🟠 MajorStatus "Ready" conflicts with incomplete checklist and open questions.
The document is marked as "Ready" but the Definition of Done (lines 71-75) is entirely unchecked and "Questions to Resolve" (lines 51-56) lists four unresolved items. Either update the status to "Draft" or resolve these blockers before marking this plan as ready.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md` at line 4, The file currently shows "Status: Ready" while the "Definition of Done" checklist (the block under that heading) is all unchecked and "Questions to Resolve" lists unresolved items; update the plan so the status accurately reflects its state by either changing the top-line "Status: Ready" to "Status: Draft" or by resolving and checking off each item in the "Definition of Done" and answering the open items under "Questions to Resolve" (refer to those exact headings to find the checklist and questions to update).specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md-51-56 (1)
51-56: 🛠️ Refactor suggestion | 🟠 MajorReference existing type definitions to answer downstream field requirements.
Question 3 asks "Which provider outputs are required for downstream Self proof steps?" The relevant code snippets show:
MrzScanResult(snippet 1): documentNumber, dateOfBirth, dateOfExpiryNfcScanParams(snippet 2): passportNumber, dateOfBirth, dateOfExpiry (required)SelfAppDisclosureConfig(snippet 4): issuing_state, name, passport_number, nationality, date_of_birth, gender, expiry_dateWhen defining the provider contract, explicitly map provider outputs to these existing interfaces to ensure compatibility.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md` around lines 51 - 56, Map the provider contract outputs explicitly to the existing types: ensure MRZ outputs populate MrzScanResult fields (documentNumber, dateOfBirth, dateOfExpiry), ensure NFC outputs satisfy NfcScanParams required fields (passportNumber, dateOfBirth, dateOfExpiry), and ensure disclosure outputs map to SelfAppDisclosureConfig keys (issuing_state, name, passport_number, nationality, date_of_birth, gender, expiry_date); denote which of these fields are required vs optional in the contract and include any necessary transformations or canonical naming (e.g., passportNumber -> passport_number) so downstream Self proof steps can consume them without additional mapping.specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md-20-24 (1)
20-24: 🛠️ Refactor suggestion | 🟠 MajorClarify document deliverable scope and improve readability.
Three consecutive bullets begin with "Define," reducing readability. More importantly, this plan outlines what will be defined but doesn't include the actual contract definitions (request/response schemas, field mappings to
MrzScanResult,NfcScanParams, orSelfAppDisclosureConfig).If this is a planning document that precedes implementation, consider:
- Renaming to make the meta-planning nature explicit
- Adding a section with draft contract schemas referencing the existing types from the relevant code snippets
- Varying sentence structure: "Specify the minimum request payload...", "Document the normalized result payload...", etc.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md` around lines 20 - 24, Rename this planning document to indicate it's a meta-plan (e.g., add "plan" or "draft" in the title), rewrite the three repetitive "Define" bullets to varied verbs ("Specify the minimum request payload", "Document the normalized result payload", "Describe failure/cancellation semantics"), and add a new section that includes draft contract schemas mapping provider fields to existing types—explicitly reference MrzScanResult, NfcScanParams, and SelfAppDisclosureConfig—and include example request/response field mappings and required downstream fields for MRZ/liveness so implementers can see exactly which attributes must be produced and consumed.specs/projects/sdk/paused/native-shells/plans/NS-04-apdu-allowlist.md-33-33 (1)
33-33:⚠️ Potential issue | 🟠 MajorUpdate AGENTS.md and CLAUDE.md to acknowledge paused workstreams.
The move of native-shells to
specs/projects/sdk/paused/should trigger an update to both AGENTS.md and CLAUDE.md per the coding guidelines. Currently, both files document the spec structure as if all workstreams live underspecs/projects/sdk/workstreams/, but AGENTS.md explicitly states "the relevant workstreamSPEC.mdunderspecs/projects/sdk/workstreams/" — which is now incomplete. Add a note clarifying that paused or archived workstreams may exist outside the active workstreams folder, or explicitly document the paused workspace location alongside active workstreams.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/native-shells/plans/NS-04-apdu-allowlist.md` at line 33, Update AGENTS.md and CLAUDE.md to reflect that workstreams may be paused or archived outside the active workstreams folder: locate the sentence that reads "the relevant workstream `SPEC.md` under `specs/projects/sdk/workstreams/`" and modify it to either add a parenthetical note that paused/archived specs live under `specs/projects/sdk/paused/` (e.g., "or in `specs/projects/sdk/paused/` for paused workstreams") or add a short paragraph documenting both locations and how to find paused specs; ensure both files contain the same wording and that any references to locating SPEC.md include the paused path.specs/topics/SECURITY-HARDENING.md-11-25 (1)
11-25:⚠️ Potential issue | 🟠 MajorUpdate AGENTS.md and CLAUDE.md with paused paths.
The path updates in
specs/topics/SECURITY-HARDENING.mdare correct, but per coding guidelines ("update all references in 'specs/', 'AGENTS.md', and 'CLAUDE.md' in the same change"), AGENTS.md and CLAUDE.md must also be updated to reference the newpaused/paths. Currently onlyspecs/was updated.Search for existing references to these workstreams in AGENTS.md and CLAUDE.md and update them to use the new
paused/paths:
specs/projects/sdk/paused/native-shells/SPEC.mdspecs/projects/sdk/paused/rn-sdk/SPEC.md🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/topics/SECURITY-HARDENING.md` around lines 11 - 25, Update AGENTS.md and CLAUDE.md to replace any legacy references to the old SDK workstream paths with the new paused paths mentioned in SECURITY-HARDENING.md: change references to specs/projects/sdk/paused/native-shells/SPEC.md and specs/projects/sdk/paused/rn-sdk/SPEC.md; search both AGENTS.md and CLAUDE.md for occurrences of the previous paths or workstream IDs (e.g., NS-04, NS-05, RN-03) and update the links/text to the exact new paused/ paths, ensuring link formatting and surrounding context match existing document style.specs/projects/sdk/paused/native-consolidation/plans/NC-06-external-mrz-nfc-inventory.md-34-35 (1)
34-35:⚠️ Potential issue | 🟠 MajorPause state is still inconsistent inside this plan.
These links move the plan into the paused native-consolidation set, but the header at Line 4 still says
Ready. That ambiguity is likely to reopen work that the new paused docs are trying to park.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/native-consolidation/plans/NC-06-external-mrz-nfc-inventory.md` around lines 34 - 35, The plan's status header still reads "Ready" while the two links (`specs/projects/sdk/paused/native-consolidation/SPEC.md` and `.../CONTRACTS.md`) move this into the paused set; update the header text (the top-level status line currently "Ready") to "Paused" (or "Status: Paused") to match the linked paused docs and ensure the plan's metadata/status field in NC-06-external-mrz-nfc-inventory.md aligns with the paused native-consolidation grouping.specs/projects/sdk/paused/rn-sdk/SPEC.md-87-88 (1)
87-88:⚠️ Potential issue | 🟠 MajorDon’t keep paused work under
Active Plans.RN-01 and RN-02 are now explicitly
Paused, but this table still presents them as active execution items. Rename the section or split active vs paused/history so the spec has a single, reliable source of truth.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/rn-sdk/SPEC.md` around lines 87 - 88, Update the "Active Plans" section in SPEC.md so it no longer lists items marked as Paused: locate the table rows referencing plans/RN-01-self-wallet-integration-validation.md and plans/RN-02-npm-publishing-readiness.md (IDs RN-01 and RN-02) and either move those rows into a new "Paused / On Hold" table or split the section into separate "Active Plans" and "Paused Plans" tables; update the section heading text and any explanatory intro so the spec's single source of truth reflects each plan's current status.specs/projects/sdk/paused/rn-sdk/plans/RN-01-self-wallet-integration-validation.md-32-32 (1)
32-32:⚠️ Potential issue | 🟠 MajorPause this plan’s own metadata too.
This now points at the paused RN spec, but Line 4 still says
Status: Ready. That leaves the same plan both paused and executable depending on which field the reader follows.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/rn-sdk/plans/RN-01-self-wallet-integration-validation.md` at line 32, Update the plan's own metadata to mark it paused: in RN-01-self-wallet-integration-validation.md locate the Status: field (currently "Status: Ready") and change it to "Status: Paused" so the plan's header and its referenced spec (was specs/projects/sdk/paused/rn-sdk/SPEC.md) consistently indicate the paused state; ensure any other metadata fields in the same file that imply executability are adjusted to match the paused status.specs/projects/sdk/paused/native-consolidation/plans/NC-04-phase-3-shim-cleanup.md-30-30 (1)
30-30:⚠️ Potential issue | 🟠 MajorThis plan still reads as active.
The
SPEC.mdlink now targets the paused native-consolidation spec, but Line 4 still marks the planReady. Please update the plan header/status block in the same change so execution state is unambiguous.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/native-consolidation/plans/NC-04-phase-3-shim-cleanup.md` at line 30, The plan header/status block still shows the plan as "Ready" while the SPEC.md link targets the paused native-consolidation spec; edit the plan header in NC-04-phase-3-shim-cleanup.md to reflect the paused state (replace any "Ready" / status: Ready with "Paused" or status: Paused) and ensure the status metadata and any state tags in the top-of-file header are updated to match the paused SPEC.md link so execution state is unambiguous.specs/projects/sdk/paused/INDEX.md-6-27 (1)
6-27:⚠️ Potential issue | 🟠 MajorMove the substantive paused-work narrative out of
INDEX.md.This file is doing overview work: rationale, scope state, and execution policy. In this repo,
INDEX.mdis supposed to be navigation only. Please move the prose toOVERVIEW.mdand keep this page as a table-of-contents entrypoint.As per coding guidelines "Use 'INDEX.md' as navigation only (entrypoint/table of contents); use 'OVERVIEW.md' for substantive context (architecture/scope/status summary)".
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/INDEX.md` around lines 6 - 27, The INDEX.md currently contains substantive narrative sections ("Why This Exists", "Paused Workstreams", "Usage Rule") that should be moved into OVERVIEW.md; cut the prose under those headings from INDEX.md and paste it into OVERVIEW.md (preserving the headings and links to the individual specs like "Native Shells", "Native Consolidation", "RN SDK", "Integrations / MiniPay Sample"), then reduce INDEX.md to a pure navigation/TOC that links to the new OVERVIEW.md and the paused spec directories, ensuring internal links remain valid and the INDEX.md only contains entrypoint/navigation content.specs/projects/sdk/paused/rn-sdk/plans/RN-02-npm-publishing-readiness.md-31-31 (1)
31-31:⚠️ Potential issue | 🟠 MajorKeep the plan status consistent with the paused spec.
After this path change, the file still advertises
Status: Readyat Line 4. That contradiction will send readers down the wrong execution path when they land here directly.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/rn-sdk/plans/RN-02-npm-publishing-readiness.md` at line 31, Update the plan's status line that currently reads "Status: Ready" to match the paused spec (e.g., change it to "Status: Paused") in RN-02-npm-publishing-readiness.md; also scan the file for any other status mentions or frontmatter/badges and make them consistent with the paused spec so readers don't get conflicting execution guidance.specs/projects/sdk/paused/INDEX.md-12-23 (1)
12-23:⚠️ Potential issue | 🟠 MajorUpdate AGENTS.md and CLAUDE.md to acknowledge paused workstreams are in a separate directory.
The physical migration of rn-sdk and native-consolidation specs to
specs/projects/sdk/paused/is complete and correctly referenced internally. However, AGENTS.md and CLAUDE.md still describespecs/projects/sdk/workstreams/as the home for all workstream specs without mentioning thepaused/subdirectory. Developers reading the architectural guidance will not find these workstreams under the documented path.Add a note in AGENTS.md (after line 232) and CLAUDE.md (after line 59) clarifying: "Paused workstreams are organized under
specs/projects/sdk/paused/with the sameSPEC.mdstructure."🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/INDEX.md` around lines 12 - 23, Update AGENTS.md and CLAUDE.md to note the paused-workstreams location: in each file, find the section that describes the location of SDK workstream specs (the paragraph that references "specs/projects/sdk/workstreams/") and append the sentence "Paused workstreams are organized under `specs/projects/sdk/paused/` with the same `SPEC.md` structure." so readers know rn-sdk and native-consolidation live in the paused subdirectory.specs/projects/sdk/workstreams/webview/SPEC.md-106-114 (1)
106-114:⚠️ Potential issue | 🟠 MajorFix the
mobile-sdk-alphaworkspace name in the validation commands.The spec currently tells readers to run
yarn workspace@selfxyz/mobile-sdk-alpha..., which does not match the repo's documented workspace selector. That makes the main validation block unreliable for anyone following the active workstream verbatim.Suggested spec change
```bash -yarn workspace `@selfxyz/mobile-sdk-alpha` test -yarn workspace `@selfxyz/mobile-sdk-alpha` types +yarn workspace selfxyz/mobile-sdk-alpha test +yarn workspace selfxyz/mobile-sdk-alpha types yarn workspace `@selfxyz/webview-app` build</details> Based on learnings, applies to `packages/mobile-sdk-alpha/**`: Run unit tests for `selfxyz/mobile-sdk-alpha` workspace with `yarn workspace selfxyz/mobile-sdk-alpha test`. <details> <summary>🤖 Prompt for AI Agents</summary>Verify each finding against the current code and only fix it if needed.
In
@specs/projects/sdk/workstreams/webview/SPEC.mdaround lines 106 - 114,
Update the validation commands to use the correct workspace selector: replace
occurrences of "@selfxyz/mobile-sdk-alpha" with "selfxyz/mobile-sdk-alpha" in
the Validation block so the commands read "yarn workspace
selfxyz/mobile-sdk-alpha test" and "yarn workspace selfxyz/mobile-sdk-alpha
types" (leave "yarn workspace@selfxyz/webview-appbuild" unchanged); ensure
references to the mobile SDK workspace (packages/mobile-sdk-alpha/**) use the
corrected selector throughout the SPEC.md section.</details> </blockquote></details> <details> <summary>specs/projects/sdk/workstreams/webview/SPEC.md-47-52 (1)</summary><blockquote> `47-52`: _⚠️ Potential issue_ | _🟠 Major_ **Add an active plan for WV-04 before treating the WebView path as executable.** `WV-04` is the only backlog item that defines how launch/dismiss/final results reach the host, but it has no plan while the completion checklist already requires that contract to be clear. Cross-file, `packages/mobile-sdk-alpha/src/types/events.ts` already emits `VERIFICATION_COMPLETE`, and `packages/webview-bridge/src/adapters/lifecycle.ts` still needs an explicit `setResult()` call. Without a concrete WV-04 plan, the active spec leaves terminal result delivery undefined and risks hosts never receiving completion payloads. <details> <summary>Suggested spec change</summary> ```diff | ID | Title | Status | Priority | Depends On | Plan | Notes | | ----- | ----------------------------------------------------------------------------------------------- | ------ | -------- | ---------- | ------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | | WV-01 | Dynamic proof request items sourced from request context | Ready | High | - | [plans/WV-01-dynamic-proof-request-items.md](./plans/WV-01-dynamic-proof-request-items.md) | Existing active follow-up | | WV-02 | Define the KYC-provider contract for document capture, MRZ/liveness handoff, and result mapping | Ready | High | - | [plans/WV-02-kyc-provider-contract.md](./plans/WV-02-kyc-provider-contract.md) | Provider-backed path replaces Self-owned native scan flow | | WV-03 | Remove native NFC and native-scan assumptions from active WebView screens, copy, and docs | Ready | High | WV-02 | - | Active UX/docs should match the WebView-only scope | -| WV-04 | Define the host callback contract for launch, dismiss, and final result without native modules | Ready | Medium | WV-02 | - | Build on existing `SdkInitialConfig` and `VERIFICATION_COMPLETE` work; define only the WebView-host transport and embedding delta | +| WV-04 | Define the host callback contract for launch, dismiss, and final result without native modules | Ready | Medium | WV-02 | [plans/WV-04-host-callback-contract.md](./plans/WV-04-host-callback-contract.md) | Define who subscribes to `VERIFICATION_COMPLETE` and how terminal states are forwarded to `lifecycle.setResult()` |Also applies to: 56-68
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/SPEC.md` around lines 47 - 52, WV-04 currently lacks an actionable plan to deliver terminal results to hosts; add a concrete plan that specifies the host callback contract (how launch, dismiss, and final result are transported) and implement the missing wiring: update the SPEC entry for WV-04 with steps and acceptance criteria, ensure SdkInitialConfig documents the host callback interface, confirm packages/mobile-sdk-alpha/src/types/events.ts emits VERIFICATION_COMPLETE with the final payload shape, and add an explicit setResult() invocation in packages/webview-bridge/src/adapters/lifecycle.ts to deliver that payload to the host..github/workflows/webview-app-ci.yml-29-30 (2)
29-30:⚠️ Potential issue | 🟠 MajorTrigger this workflow on
mobile-sdk-alphachanges too.This workflow now depends on
packages/mobile-sdk-alpha, but thepull_requestandpushpath filters still exclude that workspace. As written, SDK-only changes can break the webview app path without running this CI at all.Suggested change
on: pull_request: paths: + - "packages/mobile-sdk-alpha/**" - "packages/webview-app/**" - "packages/webview-bridge/**" - ".github/workflows/webview-app-ci.yml" - ".github/actions/**" push: branches: [dev, staging, main] paths: + - "packages/mobile-sdk-alpha/**" - "packages/webview-app/**" - "packages/webview-bridge/**" - ".github/workflows/webview-app-ci.yml" - ".github/actions/**"Also applies to: 43-44
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/webview-app-ci.yml around lines 29 - 30, The workflow is missing triggers for changes in the mobile SDK workspace; update the pull_request and push path filters to include the mobile SDK package so SDK-only changes run this CI. Add "packages/mobile-sdk-alpha/**" (or the workspace path you use) to the path arrays referenced by the workflow triggers and ensure both occurrences mentioned near the "Build mobile-sdk-alpha" job are updated (the first occurrence and the second occurrence around lines 43-44) so the push and pull_request filters include that package.
29-30:⚠️ Potential issue | 🟠 MajorUse the TS-only SDK build here.
@selfxyz/mobile-sdk-alpha’sbuildscript also runs the Android and iOS build steps. These webview jobs only need the generated JS/typings behind the package exports, so this change makes webview CI depend on native build plumbing for no product benefit. Please switch these steps tobuild:ts-only.Suggested change
- - name: Build mobile-sdk-alpha - run: yarn workspace `@selfxyz/mobile-sdk-alpha` build + - name: Build mobile-sdk-alpha + run: yarn workspace `@selfxyz/mobile-sdk-alpha` build:ts-only ... - - name: Build mobile-sdk-alpha - run: yarn workspace `@selfxyz/mobile-sdk-alpha` build + - name: Build mobile-sdk-alpha + run: yarn workspace `@selfxyz/mobile-sdk-alpha` build:ts-onlyBased on learnings: When infrastructure issues like NDK version misalignment are identified during feature PRs, the team prefers to defer these to separate follow-up PRs to maintain focused scope and avoid scope creep.
Also applies to: 43-44
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/webview-app-ci.yml around lines 29 - 30, The workflow currently runs the full build for `@selfxyz/mobile-sdk-alpha` (the step named "Build mobile-sdk-alpha"), which triggers native Android/iOS packaging; change the run command to invoke the TypeScript-only build script (use yarn workspace `@selfxyz/mobile-sdk-alpha` run build:ts-only) so the webview CI only produces JS/typings and avoids native build plumbing—update the same occurrences for the other identical steps mentioned (lines around the other Build mobile-sdk-alpha steps)..github/workflows/webview-bridge-ci.yml-27-28 (2)
27-28:⚠️ Potential issue | 🟠 MajorBuild
mobile-sdk-alphain thetestjob too.These additions only fix
buildandtypes. GitHub Actions jobs are isolated, so thetestjob still runs from a clean checkout without the SDK’s generateddistfiles, even though@selfxyz/webview-bridgenow imports@selfxyz/mobile-sdk-alpha/adapters/browser.Suggested change
test: runs-on: ubuntu-latest timeout-minutes: 15 steps: - uses: actions/checkout@v6 - name: Install dependencies uses: ./.github/actions/yarn-install + - name: Build mobile-sdk-alpha + run: yarn workspace `@selfxyz/mobile-sdk-alpha` build:ts-only - name: Test run: yarn workspace `@selfxyz/webview-bridge` testAlso applies to: 39-40
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/webview-bridge-ci.yml around lines 27 - 28, The test job is missing the build step for the `@selfxyz/mobile-sdk-alpha` workspace so it runs without generated dist files; add the same step used in the build job into the test job (run: yarn workspace `@selfxyz/mobile-sdk-alpha` build, and if you also generate types run the types step as well) before the test steps so `@selfxyz/webview-bridge` can import `@selfxyz/mobile-sdk-alpha/adapters/browser`; apply the same addition for the duplicate occurrence referenced around lines 39-40.
27-28:⚠️ Potential issue | 🟠 MajorBuild only the SDK’s TS artifacts in this workflow.
The new steps call the full
@selfxyz/mobile-sdk-alphabuild, which also includes native Android/iOS build work. WebView Bridge CI only needs the exported JS bundle and typings, so this broadens the failure surface and likely explains the current workflow breakage. Usebuild:ts-onlyinstead.Suggested change
- - name: Build mobile-sdk-alpha - run: yarn workspace `@selfxyz/mobile-sdk-alpha` build + - name: Build mobile-sdk-alpha + run: yarn workspace `@selfxyz/mobile-sdk-alpha` build:ts-only ... - - name: Build mobile-sdk-alpha - run: yarn workspace `@selfxyz/mobile-sdk-alpha` build + - name: Build mobile-sdk-alpha + run: yarn workspace `@selfxyz/mobile-sdk-alpha` build:ts-onlyBased on learnings: When infrastructure issues like NDK version misalignment are identified during feature PRs, the team prefers to defer these to separate follow-up PRs to maintain focused scope and avoid scope creep.
Also applies to: 39-40
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/webview-bridge-ci.yml around lines 27 - 28, The workflow currently runs the full SDK build step named "Build mobile-sdk-alpha" which triggers native Android/iOS tasks; change that command to invoke the SDK's TypeScript-only build script instead by replacing the full build invocation for `@selfxyz/mobile-sdk-alpha` with the package script that runs build:ts-only (i.e., call the workspace script for build:ts-only) so the job only exports the JS bundle and typings and avoids native build failures.
🟡 Minor comments (1)
specs/projects/sdk/paused/integrations/SPEC.md-6-8 (1)
6-8:⚠️ Potential issue | 🟡 MinorFix markdown formatting in pause note blockquote.
The blank line at line 7 triggers a markdownlint warning (MD028). Remove the blank line between lines 6 and 8 to fix this.
🔧 Proposed fix
> Status: Paused - > Pause note: As of 2026-03-11, the active SDK delivery scope is WebView-only with no custom native modules. This KMP integration sample is retained for future reuse and should not drive current delivery.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/integrations/SPEC.md` around lines 6 - 8, The blockquote contains an extra blank line causing markdownlint MD028; remove the blank line so the quoted lines are contiguous (ensure both lines start with "> " so the "Status: Paused" and "Pause note: As of 2026-03-11..." entries form a single blockquote), i.e., collapse the blank line between the "> Status: Paused" and "> Pause note: ..." lines in SPEC.md.
🧹 Nitpick comments (6)
specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md (2)
58-67: Make validation criteria more specific and verifiable.The validation command searches for legacy terms but doesn't verify that new contract definitions were added. Consider:
- Adding positive assertions:
rg -n "provider contract|provider-owned|KYC provider" specs/projects/sdk/workstreams/webview/SPEC.md- Making expected results specific: "SPEC.md should contain 'provider contract' and NOT contain 'Self-managed native capture'"
- Adding a check that contract schemas reference existing types:
rg -n "MrzScanResult|NfcScanParams|SelfAppDisclosureConfig"🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md` around lines 58 - 67, Update the validation step to include positive assertions and precise expected results: run rg for new terms (e.g., "provider contract|provider-owned|KYC provider") against specs/projects/sdk/workstreams/webview/SPEC.md, assert SPEC.md contains "provider contract" and does NOT contain "Self-managed native capture", and add an additional grep for contract schema type references such as "MrzScanResult|NfcScanParams|SelfAppDisclosureConfig" to ensure the new contract definitions reference existing types.
37-37: Remove vague "optional follow-up" language."Optional follow-up references in active specs if the provider contract changes terminology" is imprecise. Either specify which specs need updates or remove this line. If terminology changes are uncertain, add this to "Questions to Resolve."
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md` at line 37, Remove or replace the vague sentence "optional follow-up references in active specs if the provider contract changes terminology": either list the specific specs that would require updates (e.g., name the active spec IDs or sections) or move this uncertainty into the "Questions to Resolve" section; update the line in WV-02-kyc-provider-contract.md (the sentence currently under the plan notes) accordingly so it is either concrete (named specs) or removed and referenced as a question.specs/archive/SPECS-REORG-PLAN.md (2)
78-86: Consider adding placement guidance for paused workstreams.The placement rules describe archiving completed specs but don't address paused workstreams. Since this PR introduces
paused/as a new organizational concept, consider adding a rule clarifying the distinction between paused work (may resume) and archived work (completed/retired).📋 Suggested rule addition
5. New implementation specs should include: `Owner`, `Status`, `Last updated`, `Validation commands`. -6. When a spec is fully done: add a row to `specs/ARCHIVE.md` with outcome + key decisions. Either delete the source files (if the "What Was Built" appendix was added per SPEC-GUIDE) or move them to `specs/archive/<project>/`. Workstream OVERVIEW.md files stay until the workstream itself is retired. +6. Paused workstreams go under `projects/<project>/paused/` and retain their active structure, as they may resume. +7. When a spec is fully done: add a row to `specs/ARCHIVE.md` with outcome + key decisions. Either delete the source files (if the "What Was Built" appendix was added per SPEC-GUIDE) or move them to `specs/archive/<project>/`. Workstream OVERVIEW.md files stay until the workstream itself is retired.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/archive/SPECS-REORG-PLAN.md` around lines 78 - 86, Add a new placement rule clarifying "paused" workstreams: define where paused specs live (e.g., a paused/ subfolder under the project like specs/projects/<project>/paused or a top-level specs/paused/ for multi-project pauses), state that paused items are distinct from archived items (they remain draft/editable and should NOT be listed in specs/ARCHIVE.md until retired), and include required metadata (Owner, Status=Paused, Last updated, Expected review date) and a brief guideline in the Placement Rules section to help maintainers decide when to move a spec from paused → archive or back into active folders.
3-5: Update document metadata to reflect current changes.The "Last updated" date shows March 5, 2026, but this PR is from March 11, 2026. Additionally, the status shows "Complete" while the document is being actively modified. Update both fields to accurately reflect the current state.
📝 Suggested metadata update
-Last updated: March 5, 2026 +Last updated: March 11, 2026 Owner: SDK/specs maintainers -Status: Complete +Status: In Progress (Paused workstreams update)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/archive/SPECS-REORG-PLAN.md` around lines 3 - 5, Update the document metadata: change the "Last updated" line from "March 5, 2026" to "March 11, 2026" and change the "Status" value from "Complete" to "In Progress" (or another accurate active state) so the top-of-file fields reflect the current PR and ongoing edits; update the Owner line only if ownership has changed.specs/projects/sdk/paused/native-consolidation/SPEC.md (1)
7-7: Minor: Fix markdownlint warning.Static analysis flagged a blank line inside the blockquote (MD028).
📝 Proposed fix
> Status: Paused (local Phases 0-2 done; remaining follow-ups parked) - > Pause note: As of 2026-03-11, active SDK delivery is WebView-only with no custom native modules. This workstream is retained for future native reuse and should not drive current delivery.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/native-consolidation/SPEC.md` at line 7, Remove the stray blank line inside the blockquote in SPEC.md that triggers MD028; edit the quoted section (lines starting with '>') to ensure there are no empty lines between consecutive blockquote lines so the blockquote is contiguous (remove the blank line between the '>' prefixed lines).packages/webview-bridge/src/adapters/index.ts (1)
60-67: Consider a cleaner type cast for the no-op haptic wrapper.The
as nevercast on line 65 is a bit aggressive—it completely bypasses type checking. While this is safe for a no-op implementation, a more explicit approach would improve maintainability:♻️ Suggested improvement
export function noOpHapticAdapter(): BridgeHapticAdapter { const trigger = createNoOpHapticAdapter(); return { trigger(type: string): void { - trigger(type as never); + // The underlying no-op accepts HapticType | 'custom', but BridgeHapticAdapter + // exposes a broader string type. Safe since the implementation is empty. + trigger(type as Parameters<typeof trigger>[0]); }, }; }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@packages/webview-bridge/src/adapters/index.ts` around lines 60 - 67, The wrapper uses an aggressive `as never` cast in noOpHapticAdapter.trigger; instead make the no-op adapter types align so no cast is needed: update createNoOpHapticAdapter so its returned function accepts the same parameter type as BridgeHapticAdapter.trigger (e.g., (type: string) => void) and then remove the `as never` cast in noOpHapticAdapter so trigger(type) is called directly; refer to noOpHapticAdapter, createNoOpHapticAdapter, and BridgeHapticAdapter.trigger to locate and adjust the signatures.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Outside diff comments:
In `@specs/archive/SPECS-REORG-PLAN.md`:
- Around line 45-50: Update the target structure under workstreams to match the
migration map by adding a paused/ subdirectory and moving the three paused
workstreams into it: replace entries native-shells/, integrations/, and rn-sdk/
under workstreams/ with a paused/ folder that contains native-shells/,
integrations/, and rn-sdk/ so the directory list and the migration map are
consistent.
---
Major comments:
In @.github/workflows/webview-app-ci.yml:
- Around line 29-30: The workflow is missing triggers for changes in the mobile
SDK workspace; update the pull_request and push path filters to include the
mobile SDK package so SDK-only changes run this CI. Add
"packages/mobile-sdk-alpha/**" (or the workspace path you use) to the path
arrays referenced by the workflow triggers and ensure both occurrences mentioned
near the "Build mobile-sdk-alpha" job are updated (the first occurrence and the
second occurrence around lines 43-44) so the push and pull_request filters
include that package.
- Around line 29-30: The workflow currently runs the full build for
`@selfxyz/mobile-sdk-alpha` (the step named "Build mobile-sdk-alpha"), which
triggers native Android/iOS packaging; change the run command to invoke the
TypeScript-only build script (use yarn workspace `@selfxyz/mobile-sdk-alpha` run
build:ts-only) so the webview CI only produces JS/typings and avoids native
build plumbing—update the same occurrences for the other identical steps
mentioned (lines around the other Build mobile-sdk-alpha steps).
In @.github/workflows/webview-bridge-ci.yml:
- Around line 27-28: The test job is missing the build step for the
`@selfxyz/mobile-sdk-alpha` workspace so it runs without generated dist files; add
the same step used in the build job into the test job (run: yarn workspace
`@selfxyz/mobile-sdk-alpha` build, and if you also generate types run the types
step as well) before the test steps so `@selfxyz/webview-bridge` can import
`@selfxyz/mobile-sdk-alpha/adapters/browser`; apply the same addition for the
duplicate occurrence referenced around lines 39-40.
- Around line 27-28: The workflow currently runs the full SDK build step named
"Build mobile-sdk-alpha" which triggers native Android/iOS tasks; change that
command to invoke the SDK's TypeScript-only build script instead by replacing
the full build invocation for `@selfxyz/mobile-sdk-alpha` with the package script
that runs build:ts-only (i.e., call the workspace script for build:ts-only) so
the job only exports the JS bundle and typings and avoids native build failures.
In `@specs/ARCHIVE.md`:
- Line 15: The ARCHIVE entry for
`specs/projects/sdk/paused/rn-sdk/SPEC-MRZ-CONSOLIDATION.md` was marked retired
on 2026-03-06 while its Final PR list still contains `PR `#2` (pending)`—remove or
defer archiving until the pending PR is merged; either delete the row for
`SPEC-MRZ-CONSOLIDATION.md` from ARCHIVE.md or update the Final PRs to only
reference merged PRs (e.g., keep `PR `#1817`` only) and add the archive row back
once `PR `#2`` is no longer pending.
- Line 11: The archive entry using the glob `specs/projects/kmp/*` in ARCHIVE.md
is non-auditable; update that line to list the specific retired spec filenames
(e.g., `specs/projects/kmp/README.md`, `specs/projects/kmp/PROPOSAL.md`, etc.)
or replace the glob with the concrete parent document such as
`specs/projects/kmp/INDEX.md` or `specs/projects/kmp/OVERVIEW.md` so readers can
verify exactly which files were archived and confirm references were updated;
ensure the updated entry preserves the original date and rationale columns.
In `@specs/projects/sdk/paused/INDEX.md`:
- Around line 6-27: The INDEX.md currently contains substantive narrative
sections ("Why This Exists", "Paused Workstreams", "Usage Rule") that should be
moved into OVERVIEW.md; cut the prose under those headings from INDEX.md and
paste it into OVERVIEW.md (preserving the headings and links to the individual
specs like "Native Shells", "Native Consolidation", "RN SDK", "Integrations /
MiniPay Sample"), then reduce INDEX.md to a pure navigation/TOC that links to
the new OVERVIEW.md and the paused spec directories, ensuring internal links
remain valid and the INDEX.md only contains entrypoint/navigation content.
- Around line 12-23: Update AGENTS.md and CLAUDE.md to note the
paused-workstreams location: in each file, find the section that describes the
location of SDK workstream specs (the paragraph that references
"specs/projects/sdk/workstreams/") and append the sentence "Paused workstreams
are organized under `specs/projects/sdk/paused/` with the same `SPEC.md`
structure." so readers know rn-sdk and native-consolidation live in the paused
subdirectory.
In
`@specs/projects/sdk/paused/native-consolidation/plans/NC-04-phase-3-shim-cleanup.md`:
- Line 30: The plan header/status block still shows the plan as "Ready" while
the SPEC.md link targets the paused native-consolidation spec; edit the plan
header in NC-04-phase-3-shim-cleanup.md to reflect the paused state (replace any
"Ready" / status: Ready with "Paused" or status: Paused) and ensure the status
metadata and any state tags in the top-of-file header are updated to match the
paused SPEC.md link so execution state is unambiguous.
In
`@specs/projects/sdk/paused/native-consolidation/plans/NC-06-external-mrz-nfc-inventory.md`:
- Around line 34-35: The plan's status header still reads "Ready" while the two
links (`specs/projects/sdk/paused/native-consolidation/SPEC.md` and
`.../CONTRACTS.md`) move this into the paused set; update the header text (the
top-level status line currently "Ready") to "Paused" (or "Status: Paused") to
match the linked paused docs and ensure the plan's metadata/status field in
NC-06-external-mrz-nfc-inventory.md aligns with the paused native-consolidation
grouping.
In `@specs/projects/sdk/paused/native-shells/plans/NS-04-apdu-allowlist.md`:
- Line 33: Update AGENTS.md and CLAUDE.md to reflect that workstreams may be
paused or archived outside the active workstreams folder: locate the sentence
that reads "the relevant workstream `SPEC.md` under
`specs/projects/sdk/workstreams/`" and modify it to either add a parenthetical
note that paused/archived specs live under `specs/projects/sdk/paused/` (e.g.,
"or in `specs/projects/sdk/paused/` for paused workstreams") or add a short
paragraph documenting both locations and how to find paused specs; ensure both
files contain the same wording and that any references to locating SPEC.md
include the paused path.
In
`@specs/projects/sdk/paused/rn-sdk/plans/RN-01-self-wallet-integration-validation.md`:
- Line 32: Update the plan's own metadata to mark it paused: in
RN-01-self-wallet-integration-validation.md locate the Status: field (currently
"Status: Ready") and change it to "Status: Paused" so the plan's header and its
referenced spec (was specs/projects/sdk/paused/rn-sdk/SPEC.md) consistently
indicate the paused state; ensure any other metadata fields in the same file
that imply executability are adjusted to match the paused status.
In `@specs/projects/sdk/paused/rn-sdk/plans/RN-02-npm-publishing-readiness.md`:
- Line 31: Update the plan's status line that currently reads "Status: Ready" to
match the paused spec (e.g., change it to "Status: Paused") in
RN-02-npm-publishing-readiness.md; also scan the file for any other status
mentions or frontmatter/badges and make them consistent with the paused spec so
readers don't get conflicting execution guidance.
In `@specs/projects/sdk/paused/rn-sdk/SPEC.md`:
- Around line 87-88: Update the "Active Plans" section in SPEC.md so it no
longer lists items marked as Paused: locate the table rows referencing
plans/RN-01-self-wallet-integration-validation.md and
plans/RN-02-npm-publishing-readiness.md (IDs RN-01 and RN-02) and either move
those rows into a new "Paused / On Hold" table or split the section into
separate "Active Plans" and "Paused Plans" tables; update the section heading
text and any explanatory intro so the spec's single source of truth reflects
each plan's current status.
In
`@specs/projects/sdk/workstreams/sdk-core/plans/SC-01-fallback-adapter-dedup.md`:
- Around line 3-4: Update the plan so it isn't marked "Done" until you attach
concrete traceability and validation evidence: replace the TBD placeholders for
"Branch"/"PR" with the actual branch name and PR link and include the repo
validation results (logs, checklist or test-summary) referenced in the "repo
validation" section; if that evidence is not yet available, change the "Status"
field from "Done" to a non-final state (e.g., "In progress" or "Pending
validation") and add a short "Next steps / owner / expected date" entry. Also
remove any feel-good or non-actionable text per the docs guideline and apply the
same fixes to the other referenced sections (the blocks around lines 59-61 and
66-67) so all validation and traceability fields are either populated or marked
pending with owners.
In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md`:
- Line 4: The file currently shows "Status: Ready" while the "Definition of
Done" checklist (the block under that heading) is all unchecked and "Questions
to Resolve" lists unresolved items; update the plan so the status accurately
reflects its state by either changing the top-line "Status: Ready" to "Status:
Draft" or by resolving and checking off each item in the "Definition of Done"
and answering the open items under "Questions to Resolve" (refer to those exact
headings to find the checklist and questions to update).
- Around line 51-56: Map the provider contract outputs explicitly to the
existing types: ensure MRZ outputs populate MrzScanResult fields
(documentNumber, dateOfBirth, dateOfExpiry), ensure NFC outputs satisfy
NfcScanParams required fields (passportNumber, dateOfBirth, dateOfExpiry), and
ensure disclosure outputs map to SelfAppDisclosureConfig keys (issuing_state,
name, passport_number, nationality, date_of_birth, gender, expiry_date); denote
which of these fields are required vs optional in the contract and include any
necessary transformations or canonical naming (e.g., passportNumber ->
passport_number) so downstream Self proof steps can consume them without
additional mapping.
- Around line 20-24: Rename this planning document to indicate it's a meta-plan
(e.g., add "plan" or "draft" in the title), rewrite the three repetitive
"Define" bullets to varied verbs ("Specify the minimum request payload",
"Document the normalized result payload", "Describe failure/cancellation
semantics"), and add a new section that includes draft contract schemas mapping
provider fields to existing types—explicitly reference MrzScanResult,
NfcScanParams, and SelfAppDisclosureConfig—and include example request/response
field mappings and required downstream fields for MRZ/liveness so implementers
can see exactly which attributes must be produced and consumed.
In `@specs/projects/sdk/workstreams/webview/SPEC.md`:
- Around line 106-114: Update the validation commands to use the correct
workspace selector: replace occurrences of "@selfxyz/mobile-sdk-alpha" with
"selfxyz/mobile-sdk-alpha" in the Validation block so the commands read "yarn
workspace selfxyz/mobile-sdk-alpha test" and "yarn workspace
selfxyz/mobile-sdk-alpha types" (leave "yarn workspace `@selfxyz/webview-app`
build" unchanged); ensure references to the mobile SDK workspace
(packages/mobile-sdk-alpha/**) use the corrected selector throughout the SPEC.md
section.
- Around line 47-52: WV-04 currently lacks an actionable plan to deliver
terminal results to hosts; add a concrete plan that specifies the host callback
contract (how launch, dismiss, and final result are transported) and implement
the missing wiring: update the SPEC entry for WV-04 with steps and acceptance
criteria, ensure SdkInitialConfig documents the host callback interface, confirm
packages/mobile-sdk-alpha/src/types/events.ts emits VERIFICATION_COMPLETE with
the final payload shape, and add an explicit setResult() invocation in
packages/webview-bridge/src/adapters/lifecycle.ts to deliver that payload to the
host.
In `@specs/topics/SECURITY-HARDENING.md`:
- Around line 11-25: Update AGENTS.md and CLAUDE.md to replace any legacy
references to the old SDK workstream paths with the new paused paths mentioned
in SECURITY-HARDENING.md: change references to
specs/projects/sdk/paused/native-shells/SPEC.md and
specs/projects/sdk/paused/rn-sdk/SPEC.md; search both AGENTS.md and CLAUDE.md
for occurrences of the previous paths or workstream IDs (e.g., NS-04, NS-05,
RN-03) and update the links/text to the exact new paused/ paths, ensuring link
formatting and surrounding context match existing document style.
---
Minor comments:
In `@specs/projects/sdk/paused/integrations/SPEC.md`:
- Around line 6-8: The blockquote contains an extra blank line causing
markdownlint MD028; remove the blank line so the quoted lines are contiguous
(ensure both lines start with "> " so the "Status: Paused" and "Pause note: As
of 2026-03-11..." entries form a single blockquote), i.e., collapse the blank
line between the "> Status: Paused" and "> Pause note: ..." lines in SPEC.md.
---
Nitpick comments:
In `@packages/webview-bridge/src/adapters/index.ts`:
- Around line 60-67: The wrapper uses an aggressive `as never` cast in
noOpHapticAdapter.trigger; instead make the no-op adapter types align so no cast
is needed: update createNoOpHapticAdapter so its returned function accepts the
same parameter type as BridgeHapticAdapter.trigger (e.g., (type: string) =>
void) and then remove the `as never` cast in noOpHapticAdapter so trigger(type)
is called directly; refer to noOpHapticAdapter, createNoOpHapticAdapter, and
BridgeHapticAdapter.trigger to locate and adjust the signatures.
In `@specs/archive/SPECS-REORG-PLAN.md`:
- Around line 78-86: Add a new placement rule clarifying "paused" workstreams:
define where paused specs live (e.g., a paused/ subfolder under the project like
specs/projects/<project>/paused or a top-level specs/paused/ for multi-project
pauses), state that paused items are distinct from archived items (they remain
draft/editable and should NOT be listed in specs/ARCHIVE.md until retired), and
include required metadata (Owner, Status=Paused, Last updated, Expected review
date) and a brief guideline in the Placement Rules section to help maintainers
decide when to move a spec from paused → archive or back into active folders.
- Around line 3-5: Update the document metadata: change the "Last updated" line
from "March 5, 2026" to "March 11, 2026" and change the "Status" value from
"Complete" to "In Progress" (or another accurate active state) so the
top-of-file fields reflect the current PR and ongoing edits; update the Owner
line only if ownership has changed.
In `@specs/projects/sdk/paused/native-consolidation/SPEC.md`:
- Line 7: Remove the stray blank line inside the blockquote in SPEC.md that
triggers MD028; edit the quoted section (lines starting with '>') to ensure
there are no empty lines between consecutive blockquote lines so the blockquote
is contiguous (remove the blank line between the '>' prefixed lines).
In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md`:
- Around line 58-67: Update the validation step to include positive assertions
and precise expected results: run rg for new terms (e.g., "provider
contract|provider-owned|KYC provider") against
specs/projects/sdk/workstreams/webview/SPEC.md, assert SPEC.md contains
"provider contract" and does NOT contain "Self-managed native capture", and add
an additional grep for contract schema type references such as
"MrzScanResult|NfcScanParams|SelfAppDisclosureConfig" to ensure the new contract
definitions reference existing types.
- Line 37: Remove or replace the vague sentence "optional follow-up references
in active specs if the provider contract changes terminology": either list the
specific specs that would require updates (e.g., name the active spec IDs or
sections) or move this uncertainty into the "Questions to Resolve" section;
update the line in WV-02-kyc-provider-contract.md (the sentence currently under
the plan notes) accordingly so it is either concrete (named specs) or removed
and referenced as a question.
transphorm
changed the title
Member
Author
|
@coderabbitai full review |
Contributor
✅ Actions performedFull review triggered. |
Contributor
There was a problem hiding this comment.
Actionable comments posted: 9
🧹 Nitpick comments (5)
specs/projects/sdk/workstreams/sdk-core/SPEC.md (1)
793-793: Consider clarifying "active host callback surface" terminology.The phrase "active host callback surface" on line 793 mixes architectural terminology ("callback surface") with status terminology ("active"). While context suggests "active" means "not paused," this phrasing could be clearer. Consider either:
- Removing "active" if the host callback surface is the only one: "wire them into
SelfClientProviderand the host callback surface"- Or being explicit: "wire them into
SelfClientProviderand the in-scope host callback surface (paused native shells are out of scope)"🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/sdk-core/SPEC.md` at line 793, The wording "active host callback surface" is ambiguous; update the SPEC text where Chunk 4C mentions wiring VERIFICATION_COMPLETE and SdkInitialConfig into SelfClientProvider and the host callback surface to use clearer terminology—either remove "active" (e.g., "wire them into SelfClientProvider and the host callback surface") or replace with an explicit phrase (e.g., "wire them into SelfClientProvider and the in-scope host callback surface (paused native shells are out of scope)") so readers understand scope; adjust the sentence that references VERIFICATION_COMPLETE and SdkInitialConfig accordingly.specs/projects/sdk/paused/rn-sdk/SPEC.md (1)
6-8: Minor: Fix blank line in blockquote.Static analysis flagged a blank line inside the blockquote at line 7. While minor, consider removing it for consistency.
♻️ Proposed fix
> Status: Paused - > Pause note: As of 2026-03-11, the active SDK delivery scope is WebView-only with no custom native modules. This RN shell is retained for future reuse and should not drive current delivery.Based on learnings: As per coding guidelines, signal over praise applies—this is a pedantic formatting detail that doesn't affect decisions.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/rn-sdk/SPEC.md` around lines 6 - 8, Remove the stray blank line inside the blockquote so the two lines "Status: Paused" and the "Pause note: As of 2026-03-11..." appear consecutively with no empty line between them; locate the blockquote containing those exact strings in SPEC.md and delete the empty line separating them to restore consistent blockquote formatting.specs/projects/sdk/workstreams/webview/SPEC.md (1)
64-68: Update Completion Checklist to include plan file requirement.The Completion Checklist should include verification that every backlog item with non-Done status has a linked plan file, consistent with the execution model and native-consolidation SPEC pattern.
Suggested addition to Completion Checklist
## Completion Checklist - [ ] Active backlog reflects the WebView-only client scope +- [ ] Every Ready/In Progress backlog item has a linked plan file - [ ] KYC-provider dependency is explicit wherever scan/KYC UX is described🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/SPEC.md` around lines 64 - 68, Add a new checklist item to the Completion Checklist that requires every backlog item not marked Done to include a linked plan file; update the section containing the existing checklist lines (e.g., the items "Active backlog reflects the WebView-only client scope", "KYC-provider dependency...", etc.) to include a bullet like "Every non-Done backlog item has an associated plan file/link" and ensure the wording matches the SPEC's execution model/native-consolidation pattern.specs/projects/sdk/paused/INDEX.md (1)
6-27: Consider splitting substantive content from navigation.This INDEX.md contains substantive context ("Why This Exists", usage rules, and detailed explanations) in addition to navigation. Per coding guidelines, INDEX.md should be navigation only (entrypoint/table of contents), while OVERVIEW.md should contain substantive context like architecture/scope/status summaries.
Consider either:
- Keeping only the table of paused workstreams in INDEX.md and moving "Why This Exists" and "Usage Rule" to a separate OVERVIEW.md
- Renaming this file to OVERVIEW.md if navigation-only structure isn't needed here
As per coding guidelines: "Use 'INDEX.md' as navigation only (entrypoint/table of contents); use 'OVERVIEW.md' for substantive context (architecture/scope/status summary)."
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/paused/INDEX.md` around lines 6 - 27, This INDEX.md mixes navigation and substantive content: move the "Why This Exists" section and the "Usage Rule" section (the headings and their paragraphs) out of INDEX.md into a new or existing OVERVIEW.md so INDEX.md contains only the paused workstreams table (navigation), or alternatively rename this file to OVERVIEW.md if you intend it to remain a document with narrative; update any internal links that previously pointed to this INDEX.md accordingly and ensure INDEX.md becomes a pure TOC referencing the paused workstreams table and links to the new OVERVIEW.md.specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md (1)
53-56: Document resolution of open questions before implementation.The "Questions to Resolve" section contains important scoping and integration decisions. Ensure these questions are answered and documented (either in this plan or the WebView SPEC.md) before WV-02 moves to "In Progress" status to prevent mid-implementation scope drift.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md` around lines 53 - 56, The "Questions to Resolve" block in WV-02-kyc-provider-contract.md must be answered and committed before changing the plan status: update WV-02-kyc-provider-contract.md (and/or WebView SPEC.md) with explicit decisions for whether the spec is provider-agnostic or names Sumsub, the exact return flow (same WebView route vs hosted callback URL vs parent-frame postMessage), which provider outputs are required for downstream Self proof steps vs stored only as KYC evidence, and the canonical mapping of provider cancellation/error outcomes to Self result semantics; ensure these answers are recorded as authoritative, linkable lines in the file, and add a gating note on the WV-02 plan requiring these documented resolutions before marking the task "In Progress."
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@specs/ARCHIVE.md`:
- Around line 14-15: Remove the two paused spec entries from ARCHIVE.md so they
are not marked as retired: delete the lines referencing
`specs/projects/sdk/paused/rn-sdk/SPEC-TEST-APP-CAMERA.md` and
`specs/projects/sdk/paused/rn-sdk/SPEC-MRZ-CONSOLIDATION.md`; ensure ARCHIVE.md
only lists truly retired specs and leave the files in
`specs/projects/sdk/paused/` (no further edits to those spec files).
In `@specs/archive/kmp/INDEX.md`:
- Around line 24-25: The INDEX.md still references old paths under
specs/projects/sdk/workstreams/* while the "Active Paths" point to
specs/projects/sdk/paused/*; update all remaining references of workstreams/* to
the new paused/* locations (e.g., change specs/projects/sdk/workstreams/... to
specs/projects/sdk/paused/native-shells/ and
specs/projects/sdk/paused/integrations/ as appropriate) and ensure the migration
tracking and changelog entries inside specs/, AGENTS.md, and CLAUDE.md are
updated to use the paused/* canonical paths so the index and all docs
consistently point to the same locations.
In `@specs/archive/sdk/SPEC-AGENT-OPTIMIZATION.md`:
- Line 158: Update the "After" directory model to include the retained target
path referenced in the proposal by adding a specs/sdk/paused/ subtree (at
minimum create specs/sdk/paused/native-shells/SPEC.md) or adjust the
retained-path reference to point to an existing location in the After tree;
ensure the plan’s directory diagram and any "After" tree entries explicitly list
"specs/sdk/paused/" and the file "native-shells/SPEC.md" so readers can see
whether paused/ is part of the flattened structure or an exception.
In `@specs/archive/SPECS-REORG-PLAN.md`:
- Around line 102-105: The plan still references person2/person3/person5 under
workstreams while the remap moves them to specs/projects/sdk/paused (see
`specs/person2-native-shells/*`, `specs/person3-integrations/*`,
`specs/person5-rn-sdk/*` -> `specs/projects/sdk/paused/...`); update the target
tree entries and all rollout phase mentions in this document to use
`specs/projects/sdk/paused/...` and ensure the same renames are applied across
the repository by updating any remaining references in the overall `specs/` tree
and the coordination docs `AGENTS.md` and `CLAUDE.md` so the archive plan,
rollout phases, and audit/replay guidance consistently point to the paused
targets.
In
`@specs/projects/sdk/paused/native-consolidation/plans/NC-06-external-mrz-nfc-inventory.md`:
- Around line 34-35: Update AGENTS.md and CLAUDE.md to reflect that some
workstream specs have been moved to the paused folder: change the documented
path pattern `specs/projects/sdk/workstreams/*/` (in AGENTS.md) and the
referenced examples in CLAUDE.md to either include
`specs/projects/sdk/paused/*/` as an accepted location or add a short note that
workstreams may be moved to `specs/projects/sdk/paused/` when deprioritized
(mention the native-consolidation spec as an example), and adjust any path
examples or search patterns accordingly so consumers will find paused specs.
In `@specs/projects/sdk/paused/native-shells/SPEC.md`:
- Around line 6-8: The SPEC.md file in paused/native-shells was moved but its
../... relative links now point to paused/ instead of the original active
locations; search SPEC.md for all "../" or sibling spec references (notably
links to the WebView and SDK Core specs) and update those hrefs to the correct
paths in their active workstream locations, and also update any corresponding
references across specs/, AGENTS.md, and CLAUDE.md so all links resolve to the
intended active documents rather than paused/native-shells copies.
In `@specs/projects/sdk/workstreams/sdk-core/SPEC.md`:
- Line 817: Replace the markdown link text
"[webview/SPEC.md](../webview/SPEC.md)" with a descriptive label (e.g., "Webview
Spec") while keeping the same target URL, so the table entry matches the style
of other rows; update the link text in the SPEC.md file where
"[webview/SPEC.md](../webview/SPEC.md)" appears.
- Around line 273-274: Update the placeholder comment for SelfAppConfig to
clarify ownership and timeline: identify which workstream/spec owns the "active
host config contract" and a brief expected timeline or blocking relationship,
state whether consumers (e.g., WebView UI) should avoid populating the selfApp
field until that contract is defined, and if needed suggest a temporary
constrained shape or validation strategy for SelfAppConfig (Record<string,
unknown>) and include a contact or issue reference for follow-up; ensure this
note references the type name SelfAppConfig and the selfApp field so readers can
locate it easily.
In `@specs/projects/sdk/workstreams/webview/SPEC.md`:
- Around line 47-52: Two Ready backlog items (WV-03 and WV-04) lack plan files;
create PR-sized plan markdowns named
plans/WV-03-remove-native-scan-assumptions.md and
plans/WV-04-host-callback-contract.md and populate each with the execution plan,
acceptance criteria, scope, and any dependencies so the SPEC table's Plan column
is no longer "-" for WV-03 and WV-04; reference the existing plans format (e.g.,
WV-01/WV-02) and include links back to the SPEC entries for WV-03 and WV-04.
---
Nitpick comments:
In `@specs/projects/sdk/paused/INDEX.md`:
- Around line 6-27: This INDEX.md mixes navigation and substantive content: move
the "Why This Exists" section and the "Usage Rule" section (the headings and
their paragraphs) out of INDEX.md into a new or existing OVERVIEW.md so INDEX.md
contains only the paused workstreams table (navigation), or alternatively rename
this file to OVERVIEW.md if you intend it to remain a document with narrative;
update any internal links that previously pointed to this INDEX.md accordingly
and ensure INDEX.md becomes a pure TOC referencing the paused workstreams table
and links to the new OVERVIEW.md.
In `@specs/projects/sdk/paused/rn-sdk/SPEC.md`:
- Around line 6-8: Remove the stray blank line inside the blockquote so the two
lines "Status: Paused" and the "Pause note: As of 2026-03-11..." appear
consecutively with no empty line between them; locate the blockquote containing
those exact strings in SPEC.md and delete the empty line separating them to
restore consistent blockquote formatting.
In `@specs/projects/sdk/workstreams/sdk-core/SPEC.md`:
- Line 793: The wording "active host callback surface" is ambiguous; update the
SPEC text where Chunk 4C mentions wiring VERIFICATION_COMPLETE and
SdkInitialConfig into SelfClientProvider and the host callback surface to use
clearer terminology—either remove "active" (e.g., "wire them into
SelfClientProvider and the host callback surface") or replace with an explicit
phrase (e.g., "wire them into SelfClientProvider and the in-scope host callback
surface (paused native shells are out of scope)") so readers understand scope;
adjust the sentence that references VERIFICATION_COMPLETE and SdkInitialConfig
accordingly.
In `@specs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.md`:
- Around line 53-56: The "Questions to Resolve" block in
WV-02-kyc-provider-contract.md must be answered and committed before changing
the plan status: update WV-02-kyc-provider-contract.md (and/or WebView SPEC.md)
with explicit decisions for whether the spec is provider-agnostic or names
Sumsub, the exact return flow (same WebView route vs hosted callback URL vs
parent-frame postMessage), which provider outputs are required for downstream
Self proof steps vs stored only as KYC evidence, and the canonical mapping of
provider cancellation/error outcomes to Self result semantics; ensure these
answers are recorded as authoritative, linkable lines in the file, and add a
gating note on the WV-02 plan requiring these documented resolutions before
marking the task "In Progress."
In `@specs/projects/sdk/workstreams/webview/SPEC.md`:
- Around line 64-68: Add a new checklist item to the Completion Checklist that
requires every backlog item not marked Done to include a linked plan file;
update the section containing the existing checklist lines (e.g., the items
"Active backlog reflects the WebView-only client scope", "KYC-provider
dependency...", etc.) to include a bullet like "Every non-Done backlog item has
an associated plan file/link" and ensure the wording matches the SPEC's
execution model/native-consolidation pattern.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 6412c49e-ab9a-4d79-a83f-014c087c64fc
📒 Files selected for processing (37)
specs/ARCHIVE.mdspecs/README.mdspecs/archive/SPECS-REORG-PLAN.mdspecs/archive/kmp/INDEX.mdspecs/archive/sdk/SPEC-AGENT-OPTIMIZATION.mdspecs/archive/sdk/SPEC-MRZ-CONSOLIDATION.mdspecs/projects/sdk/INDEX.mdspecs/projects/sdk/OVERVIEW.mdspecs/projects/sdk/paused/INDEX.mdspecs/projects/sdk/paused/integrations/SPEC.mdspecs/projects/sdk/paused/integrations/plans/IN-01-sample-polish-and-error-handling.mdspecs/projects/sdk/paused/integrations/plans/IN-02-sample-physical-device-validation.mdspecs/projects/sdk/paused/native-consolidation/CONTRACTS.mdspecs/projects/sdk/paused/native-consolidation/PLAN.mdspecs/projects/sdk/paused/native-consolidation/SPEC.mdspecs/projects/sdk/paused/native-consolidation/plans/NC-01-phase-0-safety-rails.mdspecs/projects/sdk/paused/native-consolidation/plans/NC-02-phase-1-mrz-unification.mdspecs/projects/sdk/paused/native-consolidation/plans/NC-03-phase-2-passport-reader-parity.mdspecs/projects/sdk/paused/native-consolidation/plans/NC-04-phase-3-shim-cleanup.mdspecs/projects/sdk/paused/native-consolidation/plans/NC-05-phase-4-deletions-and-guardrails.mdspecs/projects/sdk/paused/native-consolidation/plans/NC-06-external-mrz-nfc-inventory.mdspecs/projects/sdk/paused/native-shells/SPEC.mdspecs/projects/sdk/paused/native-shells/plans/NS-01-physical-device-validation.mdspecs/projects/sdk/paused/native-shells/plans/NS-03-publishing-readiness.mdspecs/projects/sdk/paused/native-shells/plans/NS-04-apdu-allowlist.mdspecs/projects/sdk/paused/native-shells/plans/NS-05-lifecycle-handler-semantics.mdspecs/projects/sdk/paused/native-shells/plans/NS-06-kmp-callback-contract-alignment.mdspecs/projects/sdk/paused/native-shells/plans/NS-08-ship-artifacts-to-minipay.mdspecs/projects/sdk/paused/native-shells/plans/NS-09-nfcpassportreader-distribution.mdspecs/projects/sdk/paused/rn-sdk/SPEC.mdspecs/projects/sdk/paused/rn-sdk/plans/RN-01-self-wallet-integration-validation.mdspecs/projects/sdk/paused/rn-sdk/plans/RN-02-npm-publishing-readiness.mdspecs/projects/sdk/paused/rn-sdk/plans/RN-03-nfc-hardening.mdspecs/projects/sdk/workstreams/sdk-core/SPEC.mdspecs/projects/sdk/workstreams/webview/SPEC.mdspecs/projects/sdk/workstreams/webview/plans/WV-02-kyc-provider-contract.mdspecs/topics/SECURITY-HARDENING.md
| - Move `specs/projects/sdk/` → `specs/sdk/` (drop the `projects/` nesting) | ||
| - Move standalone docs into `specs/topics/` with descriptive filenames (no INDEX wrappers) | ||
| - Archive KMP skeleton docs (`kmp/ARCHITECTURE.md`, `kmp/INITIATIVE.md`, `kmp/REORG-PLAN.md`, `kmp/INDEX.md`) — the real KMP execution spec is `sdk/workstreams/native-shells/SPEC.md` | ||
| - Archive KMP skeleton docs (`kmp/ARCHITECTURE.md`, `kmp/INITIATIVE.md`, `kmp/REORG-PLAN.md`, `kmp/INDEX.md`) — the retained KMP execution spec now lives at `sdk/paused/native-shells/SPEC.md` |
Contributor
There was a problem hiding this comment.
The new retained-path target is missing from this plan’s own directory model.
This proposal’s “After” tree only creates specs/sdk/workstreams/..., not specs/sdk/paused/.... Pointing the retained KMP execution spec at sdk/paused/native-shells/SPEC.md introduces a destination the plan never defines, so readers can’t tell whether paused/ is part of the flattened structure or an exception.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@specs/archive/sdk/SPEC-AGENT-OPTIMIZATION.md` at line 158, Update the "After"
directory model to include the retained target path referenced in the proposal
by adding a specs/sdk/paused/ subtree (at minimum create
specs/sdk/paused/native-shells/SPEC.md) or adjust the retained-path reference to
point to an existing location in the After tree; ensure the plan’s directory
diagram and any "After" tree entries explicitly list "specs/sdk/paused/" and the
file "native-shells/SPEC.md" so readers can see whether paused/ is part of the
flattened structure or an exception.
Comment on lines
+102
to
+105
| - `specs/person2-native-shells/*` -> `specs/projects/sdk/paused/native-shells/*` | ||
| - `specs/person3-integrations/*` -> `specs/projects/sdk/paused/integrations/*` | ||
| - `specs/person4-sdk-core/*` -> `specs/projects/sdk/workstreams/sdk-core/*` | ||
| - `specs/person5-rn-sdk/*` -> `specs/projects/sdk/workstreams/rn-sdk/*` | ||
| - `specs/person5-rn-sdk/*` -> `specs/projects/sdk/paused/rn-sdk/*` |
Contributor
There was a problem hiding this comment.
Align the rest of this plan with the new paused targets.
These remaps now send person2, person3, and person5 into specs/projects/sdk/paused/..., but the same document still presents those streams under workstreams/ in the target tree and rollout phases. That leaves the archived migration plan self-contradictory and makes replay/audit guidance ambiguous.
As per coding guidelines, "When renaming/moving spec files, update all references in 'specs/', 'AGENTS.md', and 'CLAUDE.md' in the same change"
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@specs/archive/SPECS-REORG-PLAN.md` around lines 102 - 105, The plan still
references person2/person3/person5 under workstreams while the remap moves them
to specs/projects/sdk/paused (see `specs/person2-native-shells/*`,
`specs/person3-integrations/*`, `specs/person5-rn-sdk/*` ->
`specs/projects/sdk/paused/...`); update the target tree entries and all rollout
phase mentions in this document to use `specs/projects/sdk/paused/...` and
ensure the same renames are applied across the repository by updating any
remaining references in the overall `specs/` tree and the coordination docs
`AGENTS.md` and `CLAUDE.md` so the archive plan, rollout phases, and
audit/replay guidance consistently point to the paused targets.
Comment on lines
+273
to
274
| /** Placeholder until the active host config contract defines a concrete `selfApp` shape. */ | ||
| export type SelfAppConfig = Record<string, unknown>; |
Contributor
There was a problem hiding this comment.
Clarify the timeline and ownership for SelfAppConfig contract definition.
The placeholder comment references an "active host config contract" that will define the concrete shape, but doesn't specify which workstream owns this, when it will be defined, or what the current integration expectations are. If WebView UI or other consumers need to pass SelfAppConfig values before this contract is defined, the Record<string, unknown> type provides no type safety or validation.
Consider adding a coordination note that identifies:
- Which workstream/spec owns the host config contract
- Expected timeline or blocking relationship
- Whether consumers should avoid using
selfAppfield until the contract is defined
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@specs/projects/sdk/workstreams/sdk-core/SPEC.md` around lines 273 - 274,
Update the placeholder comment for SelfAppConfig to clarify ownership and
timeline: identify which workstream/spec owns the "active host config contract"
and a brief expected timeline or blocking relationship, state whether consumers
(e.g., WebView UI) should avoid populating the selfApp field until that contract
is defined, and if needed suggest a temporary constrained shape or validation
strategy for SelfAppConfig (Record<string, unknown>) and include a contact or
issue reference for follow-up; ensure this note references the type name
SelfAppConfig and the selfApp field so readers can locate it easily.
Comment on lines
+47
to
+52
| | ID | Title | Status | Priority | Depends On | Plan | Notes | | ||
| | ----- | ----------------------------------------------------------------------------------------------- | ------ | -------- | ---------- | ------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | | ||
| | WV-01 | Dynamic proof request items sourced from request context | Ready | High | - | [plans/WV-01-dynamic-proof-request-items.md](./plans/WV-01-dynamic-proof-request-items.md) | Existing active follow-up | | ||
| | WV-02 | Define the KYC-provider contract for document capture, MRZ/liveness handoff, and result mapping | Ready | High | - | [plans/WV-02-kyc-provider-contract.md](./plans/WV-02-kyc-provider-contract.md) | Provider-backed path replaces Self-owned native scan flow | | ||
| | WV-03 | Remove native NFC and native-scan assumptions from active WebView screens, copy, and docs | Ready | High | WV-02 | - | Active UX/docs should match the WebView-only scope | | ||
| | WV-04 | Define the host callback contract for launch, dismiss, and final result without native modules | Ready | Medium | WV-02 | - | Build on existing `SdkInitialConfig` and `VERIFICATION_COMPLETE` work; define only the WebView-host transport and embedding delta | |
Contributor
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
Create plan files for Ready backlog items.
WV-03 and WV-04 are marked as "Ready" status but have no linked plan files ("-" in the Plan column). Per the execution model, PR-sized execution should live under plans/. Before these items move to "In Progress", create the corresponding plan files:
plans/WV-03-remove-native-scan-assumptions.mdplans/WV-04-host-callback-contract.md
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@specs/projects/sdk/workstreams/webview/SPEC.md` around lines 47 - 52, Two
Ready backlog items (WV-03 and WV-04) lack plan files; create PR-sized plan
markdowns named plans/WV-03-remove-native-scan-assumptions.md and
plans/WV-04-host-callback-contract.md and populate each with the execution plan,
acceptance criteria, scope, and any dependencies so the SPEC table's Plan column
is no longer "-" for WV-03 and WV-04; reference the existing plans format (e.g.,
WV-01/WV-02) and include links back to the SPEC entries for WV-03 and WV-04.
5 tasks
Merged
10 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Test plan
Native Consolidation Checklist
cd app && yarn jest:run/yarn workspace @selfxyz/rn-sdk-test-app test)Summary by CodeRabbit
New Features
Documentation
Chores